678 matches found
EUVD-2008-2850
Malware in sbrugna...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-984993)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984993 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and...
EUVD-2024-1119
Malicious code in bioql PyPI...
EUVD-2024-1523
Malicious code in bioql PyPI...
EUVD-2024-17102
Malicious code in bioql PyPI...
EUVD-2022-52680
Malicious code in bioql PyPI...
EUVD-2024-41431
Malicious code in bioql PyPI...
EUVD-2022-0806
Malicious code in bioql PyPI...
EUVD-2024-19976
Malicious code in bioql PyPI...
EUVD-2024-17103
Malicious code in bioql PyPI...
SQL Injection
Overview: Affected versions of this package are vulnerable to SQL Injection in the QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra methods when a specially crafted dictionary is passed using dictionary expansion as kwargs, leading to unsafe column aliases on MySQL and...
PYSEC-2025-106
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...
Django -- multiple vulnerabilities
Django reports: CVE-2025-59681: Potential SQL injection in QuerySet.annotate, alias, aggregate, and extra on MySQL and MariaDB. CVE-2025-59682: Potential partial directory-traversal via archive.extract...
Exploit for CVE-2025-54726
CVE-2025-54726 JS Archive List = 5.0.12 time-based...
RHSA-2025:16086 Red Hat Security Advisory: mysql security update
Bulletin has no description...
Exploit for CVE-2025-58443
CVE-2025-58443 exploit POC for https://github.com/FOGProject/...
Linux Distros Unpatched Vulnerability : CVE-2016-0663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Performance Schema. CVE-2016-0663...
Linux Distros Unpatched Vulnerability : CVE-2020-14586
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.20 and prior...
Linux Distros Unpatched Vulnerability : CVE-2025-30693
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0...
VX Guestbook 1.07 SQL Injection
VX Guestbook version 1.07 suffers from a remote SQL injection vulnerability. Exploit Title: VX Guestbook SQL Injection Authenticated Date: 2025-08-02 Exploit Author: tmrswrr Category: Webapps Vendor: https://phpversion.com/ Version 1.07 1. Access the Admin Panel: - Click Words Censor...